jmm-guest at alioth.debian.org
2008-Oct-29 17:33 UTC
[Secure-testing-commits] r10201 - data/CVE
Author: jmm-guest
Date: 2008-10-29 17:33:06 +0000 (Wed, 29 Oct 2008)
New Revision: 10201
Modified:
data/CVE/list
Log:
balazar3 fixed
dovecot fixed
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-10-29 11:19:25 UTC (rev 10200)
+++ data/CVE/list 2008-10-29 17:33:06 UTC (rev 10201)
@@ -63,9 +63,7 @@
CVE-2008-4748 (Format string vulnerability in the URI handler in KVirc 3.4.0,
when ...)
- kvirc 2:3.4.0-3 (bug #503401)
CVE-2008-XXXX [balazar3: insecure temp file handling]
- - blazar3 <not-affected> (Package is in experimental)
- NOTE: balazar3 is in experimental, see bug #503750
- NOTE: Temp issues can''t be marked as NFUs
+ - balazar3 0.1-2 (bug #503750)
CVE-2008-4775 [XSS in phpmyadmin via db parameter in pmd_pdf.php]
- phpmyadmin <unfixed> (unimportant)
NOTE: relies on register_globals being on which is not supported by Debian
@@ -426,7 +424,7 @@
- dovecot <unfixed> (low; bug #502967)
[etch] - dovecot <no-dsa> (Minor issue)
CVE-2008-4577 (The ACL plugin in Dovecot before 1.1.4 treats negative access
rights ...)
- - dovecot <unfixed> (low; bug #502967)
+ - dovecot 1:1.0.15-2.2 (low; bug #502967)
[etch] - dovecot <no-dsa> (Minor issue)
CVE-2008-4576 (sctp in Linux kernel before 2.6.25.18 allows remote attackers to
cause ...)
- linux-2.6 2.6.26-9
@@ -6997,9 +6995,8 @@
NOT-FOR-US: Skype
CVE-2008-1804 (preprocessors/spp_frag3.c in Sourcefire Snort before 2.8.1 does
not ...)
- snort 2.7.0-20 (low; bug #483160)
+ [lenny] - snort 2.7.0-20.2 (low; bug #483160)
[etch] - snort <not-affected> (Only 2.6 and 2.8 are affected)
- [lenny] - snort 2.7.0-20.2
- NOTE: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=701
CVE-2008-1803 (Integer signedness error in the xrealloc function (rdesktop.c)
in ...)
{DSA-1573-1}
- rdesktop 1.5.0-4+cvs20071006 (bug #480135)